CVE-2018-17870
CVE-2018-17870 affects BTITeam XBTIT 2.5.4, via an open redirect in the returnto parameter of account_change.php. This CVE is stated as distinct from CVE-2018-15683. The provided NVD entry lists CVSS vectors/scores (2.0: 5.8; 3.0: 6.1) and general exposure (network, no auth for CVSS2; UI required...